cute robot

Dev/Sec/Ops with a splattering of humour

Speaking & media

Tim Nash is a speaker and occasional author, who randomly pops up all over the internet. If you are interested in Tim coming to your event or want him to come to speak and comment this is the place to look.

What would you like to know about:

Media Requests

Tim is the WordPress Platform Lead at a Managed WordPress Host he is a regular speaker & author on subjects related to WordPress, Security, Hosting and Performance online. He is happy to discuss aspects of WordPress, Security and Hosting with media outlets.
Tim is based in the United Kingdom, with easy access to Manchester/Salford, Leeds and Sheffield. He also has high-speed internet access and an appropriate recording/stream space within his office. This includes up to 4k video and good audio.

Contacting Tim, to arrange interview/comment or appearance please contact site at in the subject please clearly state a request for a media appearance.

Remuneration and riders

I love talking and am very fortunate to be at the stage where I can say I have spoken at hundreds of events mostly small but also larger conferences around the world.
Most of the time, I will not look for remuneration my workplace support my speaking engagements within community and as such I will happily come and speak for free at events if they meet the following criteria:

  • The event is not for profit
  • If an event makes a profit this is put into “community events and opportunities”
  • Event are “accessible” to all*
  • Ticket pricing is reasonable**
  • Volunteers/speakers/organisers are not expected to contribute financially or purchase a ticket
  • Event has a code of conduct or similar policies

*Accessible to all, that an event does not discriminate by age, race, gender or anything else you can think of.
**I appreciate this is very subjective

For event’s that are for profit, I’m happy to come and speak but would expect remuneration for details and pricing please do get in touch. Likewise for workshops or full day events/training.

The diva that I am, at an event it would be great to have a bottle/glass of water (seriously so many events don’t offer it and I literally die on stage). In addition if publising the talk, it would be great to link to both this website and my employers site Finally, if you are tweeting about the event I always appreciate a mention @tnash and my employer is @34sp.


This is my current set of talks for 2019 don’t worry if you don’t find a talk you like, if you would like me to talk on a separate subject please don’t hesitate to ask! if your looking for one of my past talks check out my security page.

Going to the dark side, they have cookies (2019 Edition)

Most Popular and requested talk

Everyone should be a little bit worried about the security of their site, and at conferences, lots of security talks focus on practical steps people can take. In this talk, Tim will flip the norms and instead focus on several real examples of sites being hacked but from the attackers perspective. We will see the whole attacks from the bad actors view identifying targets, analysing vulnerable sites, adding payload, exploiting in doing so showing how sites are infected, how some tools do prevent certain attacks and how clever and indeed not so clever bad actors can circumvent lots of hardening done.

Each step we can analyse what could have been put in place to prevent and frustrate the attack and then look at how this can be implemented on your site.
Note this talk can be either 40m or hour

Practical WordPress Security (2018 Edition)

We have all been to the scary WordPress security talk where Tim or someone else frightens you to death, in those talks, there is a theme beyond despair and that’s ‘every little helps’. So this talk is low on scary tales and high on simple practical tips to improve your site’s security.

On their own, they might not be the silver bullet, but they all add up. Tim will guide you through things anyone of any ability level can implement to improve their site’s security.
Note this talk can be either 40minutes or hour format

In-practical security for the insanely paranoid

The follow up, more in depth and aimed at system admins and developers
So you’ve been to Tims’ practical WordPress security talk and thought well I do most of that…
Time to notch it up a few gears, from intrusion detection to understanding mod_security rules to auditing code and pen testing your own sites. Tim is going to take you on a whirlwind tool behind the scenes of securing your WordPress sites when you have complete control of your stack.
Note this is a “full evening” talk

Using Security Headers to help secure your site

From HSTS through to CSP and almost every acronym in between security headers, are simple HTTP Headers, sent with requests from your server to the browser but they can be a valuable piece in hardening sites if implemented correctly what’s more for most of them it’s simple to do. In this talk Tim going to go through various security headers explaining how and when to use them and some of the pitfalls. It’s a journey that will take us through HTTPS and into a world where we need to consider carefully what third party content is being used.
This talk can be in either 20minute or 40 minute format

Non-Security Talks

WP-CLI will save your life

In 2019 some people still access their website and manage their day to day activities using a browser how quaint. In this talk Tim will show you how using WordPress via the command line will change the way you work, for developers and non-developers. The command line is not a scary place and so he will introduce you to common commands, before taking things up a notch, soon you will be managing plugins, posts and users effortlessly.

This talk is 40 minutes approx

Scaling the magic LAMP

Or is it scaling the magic LEMP perhaps not as catchy a title. In this talk Tim will look at how to scale large WordPress sites and some of the issues you may find. With the widespread adoption of containers and orchestration tools like Kubernetes scaling standard Linux, Nginx, MySQL and PHP applications has become considerably easier in some respects but still represents interesting challenges. Ask someone how they handle databases in their Kubernetes cluster and chances are they will give you a grimace as a reply. The talk will look at building such clusters, maintaining and handling things like deployments as well as looking at other alternatives for larger setups.
This talk can be in 40 minute or hour format

Pragmatic testing from the trenches

Everyone writes tests, its a well known fact. It’s simply which methodology you use that divides us, is it BDD, TDD, QPDD or blah blah design. The reality of course is very different, few developers are writing dedicated tests for their code and applications and almost no one outside of the developer space is. In this talk Tim is going to look at how anyone can start writing tests and how these tests can be used in develop, long term maintenance, accessibility, performance and even security of a site.

When you start to peel away dogma, a lot of the methodologies have great ideas that can be used everyday without getting in the way or slowing down development. Indeed they can even speed up development if used carefully. This is not a talk for the methodology purists but for anyone who has ever thought I should have tested that.
This talk is 40 minutes approx

Building Text Adventures and other CLI apps in PHP

What do Homestead, PHPSpec, Behat, Codeception and Drush have in common? They are all CLI applications written in PHP. In this talk Tim will look at how you can harness PHP in building CLI based applications, using a simple old school text adventure game as his main example.

The talk will cover building command line interfaces, looking at options for threading and managing process as well as building and distributing applications as Phar files.

Building for the command line especially on multiple platforms brings some interesting challenges and potential pain points and so this talk is very much a wish I knew this before I started talk.
This talk is 40 minutes approx


Tim is the WordPress Platform Lead & Developer advocate. He is responsible for the management of the WordPress platform and keeping thousands of sites running fast and staying secure. He is also known to give the odd talk here and there and when he can blog and appear randomly on Youtube. Tims own site is and he writes about everything from security to home automation with a healthy dose of WordPress and humour.


Tim is the platform lead at for their Managed WordPress product in addition to being the companies developer advocate. One day he will work out what either of those job titles means. Until he does he spends his day in a mix of dev, security, ops and project management as well as speaking at user groups and conferences. He also helps run WordPress Leeds and writes for several publications including his own site